News & Commentary

Content posted in July 2005
Bugs, Crime, And Punishment
Commentary  |  7/29/2005  | 
Man, oh, man. This past week has been replete with one bug-filled, vulnerable moment after another. Vendors who weren't quashing bugs, or issuing antidotes, were setting out cash or good as same lures to track down even more bugs. The air was virtually thick with repellent and
Safeguard Podcasts Now, While The Technology Is New
Commentary  |  7/28/2005  | 
Brian Livingston posts details on how a podcast might infect a PC. He writes: "Podcasts threaten to become another automated way hackers can put viruses and spyware onto your computer. As we all know only too well, Microsoft Word begat macro viruses, Microsoft Outlook begat e-mail viruses, and Internet Explorer begat ActiveX viruses."
Russian Spammer Murdered
Commentary  |  7/25/2005  | 
Russian news site MosNews.Com reports that infamous Russian spammer Vardan Kushnir was found dead in his apartment on Sunday, having been apparently beaten to death. Kushnir reportedly headed several companies, including the Center for American English, the New York English Centre, and the Centre for Spoken English, that sent significant amounts of spam in Russia. According to
Death To Hackers!
Commentary  |  7/12/2005  | 
What's the appropriate punishment for convicted hackers, a 21-month suspended sentence including 30 hours of community service, death, or something worse?


Want Your Daughter to Succeed in Cyber? Call Her John
John De Santis, CEO, HyTrust,  5/16/2018
Don't Roll the Dice When Prioritizing Vulnerability Fixes
Ericka Chickowski, Contributing Writer, Dark Reading,  5/15/2018
New Mexico Man Sentenced on DDoS, Gun Charges
Dark Reading Staff 5/18/2018
Register for Dark Reading Newsletters
White Papers
Video
Cartoon Contest
Write a Caption, Win a Starbucks Card! Click Here
Latest Comment: Typin' in my password. Somebody's shoulder surfin'. Woooh!
Current Issue
Flash Poll
[Strategic Security Report] Navigating the Threat Intelligence Maze
[Strategic Security Report] Navigating the Threat Intelligence Maze
Most enterprises are using threat intel services, but many are still figuring out how to use the data they're collecting. In this Dark Reading survey we give you a look at what they're doing today - and where they hope to go.
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2018-11329
PUBLISHED: 2018-05-22
The DrugDealer function of a smart contract implementation for Ether Cartel, an Ethereum game, allows attackers to take over the contract's ownership, aka ceoAnyone. After that, all the digital assets (including Ether balance and tokens) might be manipulated by the attackers, as exploited in the wil...
CVE-2018-11363
PUBLISHED: 2018-05-22
jpeg_size in pdfgen.c in PDFGen before 2018-04-09 has a heap-based buffer over-read.
CVE-2018-11364
PUBLISHED: 2018-05-22
sav_parse_machine_integer_info_record in spss/readstat_sav_read.c in libreadstat.a in ReadStat 0.1.1 has a memory leak related to an iconv_open call.
CVE-2018-11365
PUBLISHED: 2018-05-22
sas/readstat_sas7bcat_read.c in libreadstat.a in ReadStat 0.1.1 has an infinite loop.
CVE-2018-11339
PUBLISHED: 2018-05-22
An XSS issue was discovered in Frappe ERPNext v11.x.x-develop b1036e5 via a comment.